This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly
☆20Apr 17, 2023Updated 2 years ago
Alternatives and similar repositories for Create_Thread_Inline_Assembly_x86
Users that are interested in Create_Thread_Inline_Assembly_x86 are comparing it to the libraries listed below
Sorting:
- A step-by-step walkthrough of how to write a Client and a Driver to communicate with each other and boost the priority of a thread.☆17Dec 12, 2023Updated 2 years ago
- Malsys is a project designed to validate and analyze files for potential malware signatures.☆21Nov 5, 2023Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 2 years ago
- ☆25Apr 28, 2024Updated last year
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆97Aug 27, 2023Updated 2 years ago
- Manually perform syscalls without going through any external API or DLL.☆19Apr 19, 2023Updated 2 years ago
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆55May 8, 2023Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- DynamicSyscalls is a library written in .net resolves the syscalls dynamically (Has nothing to do with hooking/unhooking)☆66Nov 13, 2022Updated 3 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Jul 12, 2024Updated last year
- Lockless BOF☆79May 2, 2025Updated 9 months ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52May 16, 2024Updated last year
- Convert VBS file to EXE☆17May 17, 2025Updated 9 months ago
- Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su…☆38Nov 16, 2023Updated 2 years ago
- Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them b…☆28Dec 7, 2025Updated 2 months ago
- MappingInjection via csharp☆40Nov 19, 2021Updated 4 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆89Jul 7, 2022Updated 3 years ago
- Red Team Operation's Defense Evasion Technique.☆56Jun 4, 2024Updated last year
- ☆105May 15, 2023Updated 2 years ago
- RDPCredentialStealer it's a malware that steal credentials provided by users in RDP using API Hooking with Detours in C++☆260Jun 14, 2023Updated 2 years ago
- Splitting and executing shellcode across multiple pages☆103Jun 8, 2023Updated 2 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆105Jan 24, 2024Updated 2 years ago
- CreateRemoteThreadPlus: how to pass multiple parameters to the remote thread function without shellcode.☆138Jul 10, 2025Updated 7 months ago
- Former UEFI Firmware Rootkit Replicating MoonBounce / ESPECTRE☆11Jun 14, 2022Updated 3 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- Source Code of MSIL Ransom☆14Feb 11, 2023Updated 3 years ago
- random code snippets, useful for getting started☆122Nov 29, 2025Updated 3 months ago
- Execute embedded Mimikatz☆13Nov 24, 2021Updated 4 years ago
- A kernel driver to get a Handle to virtually *every* process☆13Jan 16, 2024Updated 2 years ago
- Released presentations of my talks + code that used during these talks☆15Sep 5, 2024Updated last year
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- ☆12Feb 28, 2022Updated 4 years ago
- Execute shellcode files with rundll32☆216Jan 28, 2024Updated 2 years ago
- A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems.☆89Nov 9, 2023Updated 2 years ago
- IAT Unhooking proof-of-concept☆34Apr 7, 2024Updated last year
- CobaltStrike beacon written in golang☆27Apr 4, 2023Updated 2 years ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Jan 30, 2025Updated last year
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆65Aug 23, 2023Updated 2 years ago
- Abusing Remote Windows SMB Shares for Fun and Pen Testing☆15May 23, 2023Updated 2 years ago